A Study on Cyber Attacks and Vulnerabilities in Mobile Payment Applications
Cover - CISSE Volume 7, Issue 1

Keywords

Mobile Payment
Apple Pay
Android Pay
Samsung Pay

How to Cite

A Study on Cyber Attacks and Vulnerabilities in Mobile Payment Applications. (2020). Journal of The Colloquium for Information Systems Security Education, 7(1), 9. https://doi.org/10.53735/cisse.v7i1.112

Abstract

The end-to-end mobile purchase process depends on the decisions and actions of many stakeholders, including consumers, mobile application developers, mobile payment service providers, merchants, financial institutions like banks and credit card companies, and their respective data centers. This paper presents a detailed look at mobile payments as a sequence of transactions to better understand what is required to authenticate, authorize, verify and process them, and where security vulnerabilities lie. This analysis was accomplished by conducting in-depth research on three popular use cases – Apple Pay, Google Pay, and Samsung Pay – analyzing their respective potentials for being compromised, and suggesting opportunities where higher levels of security can be attained. While many mechanisms exist that can contribute to safeguarding mobile transactions, this analysis shows many ways in which known vulnerabilities and attacks can still be leveraged to exploit users’ data within popular mobile payment solutions. Approaches for improving the security of mobile payment transactions are included as way-ahead recommendations.

Open Access License Notice:

This article is © its author(s) and is licensed under the Creative Commons Attribution 4.0 International License (CC BY 4.0). Beginning with Volume 13 (2026), this license is included directly within all published PDFs. For earlier articles, a cover page has been added to indicate the correct licensing terms. Any legacy copyright or pricing statements appearing within the PDF reflect prior print production workflows and do not represent the Journal’s current open access policy. For full details, please see the Journal’s License Terms.